1. Field of Invention
The invention generally relates to authentication and more particularly to electronic security and, more particularly to authentication of entities using sound.
2. Description of the Related Art
With the growth of electronic commerce, use of public communication infrastructure, such as the Internet, to access various secure networks, systems and/or applications has also grown. For example, users may gain access to banks (online or by automatic teller machines (ATM)), a private network such as an intranet, a secure server or database or other virtual private network (VPN) over the Internet by digital authentication.
However, with the introduction of a system of communication wherein face-to-face contact is not possible, opportunities for fraudulent or unauthorized access have increased. Misappropriated identity in the hands of wrongdoers may cause damage to individuals, organizations or other entities.
In order to prevent unauthorized access, various security schemes have been developed to verify user or entity identification such that only authorized entities are given access. One common technique is by requiring a user to provide the correct password. Because this technique uses a single factor to authenticate a user, systems implementing this technique may be more susceptible to attacks by an unauthorized users.
Another common technique for user authentication is known as the two-factor authentication. Two-factor authentication is typically based on something that a user has, for example a physical device, and something that a user knows, such as a password. Because both pieces of information is used to authenticate a user, systems implementing the two-factor authentication may be less susceptible to attacks than a single-factor authentication.
For example, a password generating token is a two-factor authentication system designed to control access. Here, a unique password is generated and continuously displayed to a user. The password is generated from an algorithm that is based on a secure information and the current time. The user is then required to input the current displayed password to gain access.
While a password generating device may prevent unauthorized access, it is cumbersome because users must manually enter each password during each access. Also, errors are more likely to occur due to the manual input of the password. In some systems, a user is required to input a password more than once during each access, which increases the inconvenience and possibility of errors. Furthermore, because the password is based on time and is continuously displayed, a constant computation is required by the device, thereby shortening battery life of the device.
Therefore, there is a need for a more efficient and/or more convenient as well as secure way to implement a control access system using a device.